Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: mod_http2 Chrome ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY |
|
| Author |
|
lunter
Joined: 12 May 2011
Posts: 10
|
 Posted: Thu 15 Oct '15 10:02 Post subject: mod_http2 Chrome ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY |
 |
|
Split from mod_http2 :: HowTo & Info & Tips
I have problems...
I added
| Code: | LoadModule http2_module modules/mod_http2.so
<IfModule http2_module>
ProtocolsHonorOrder On
Protocols h2 http/1.1
</IfModule>
|
When I open http://mydomain.com/ the indicator (Chrome browser) shows: NOT SPDY-enabled.
When I open https://mydomain.com/ the Chrome browser shows: ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY
I have working domain ssl certifiacate on mod_ssl.
What am I doing wrong? |
|
| Back to top |
|
admin
Site Admin
Joined: 15 Oct 2005
Posts: 677
|
| Posted: Thu 15 Oct '15 10:34 Post subject: |
|
|
You are using the latest Chrome ?
If you point your browser at a h2 server with inappropriate ciphers, you will get the obscure warning like INADEQUATE_SECURITY and the browser will simply refuse to continue.
Try the advised/recommended cypher suites to be used at https://www.apachelounge.com/viewtopic.php?p=31842 |
|
| Back to top |
|
lunter
Joined: 12 May 2011
Posts: 10
|
| Posted: Thu 15 Oct '15 10:53 Post subject: |
|
|
I resolved the problem by add:
| Code: | SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK
SSLProtocol All -SSLv2 -SSLv3
|
from http://icing.github.io/mod_h2/howto.html#https |
|
| Back to top |
|
|
|
|
|
|
